12 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 3

The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form. • https://www.exploit-db.com/exploits/21925 http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html http://www.iss.net/security_center/static/10320.php http://www.securityfocus.com/bid/5929 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 3

Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter. • https://www.exploit-db.com/exploits/21924 http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html http://www.iss.net/security_center/static/10319.php http://www.securityfocus.com/bid/5928 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html http://www.iss.net/security_center/static/10321.php http://www.securityfocus.com/bid/5930 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0137.html http://www.iss.net/security_center/static/10322.php http://www.securityfocus.com/bid/5931 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow. • http://marc.info/?l=vuln-dev&m=101569966118410&w=2 http://www.iss.net/security_center/static/8424.php http://www.securityfocus.com/bid/4257 •